SFTP login Server Refused our key

Hello,
just upgraded to the new version and tried connecting to my Raspberry.

Using SSH protocol version 2
We claim version: SSH-2.0-PuTTY_Directory_Opus
Server supports delayed compression; will try this later
Doing ECDH key exchange with curve Curve25519 and hash SHA-256
Server also has ssh-rsa host key, but we don't know it
Host key fingerprint is:
ecdsa-sha2-nistp256 256 XXXXX
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Reading key file "Identity.ppk"
Using username "anonymous".
Offered public key
Server refused our key
Server refused our key
Disconnected: No supported authentication methods available (server sent: publickey)
SSH: Fatal: Disconnected: No supported authentication methods available (server sent: publickey)
Connection closed

I use the same Key/Config as in WinSCP where the connection works fine.

What does the connection log for WinSCP say? Does it include that line?

Hi Leo, no.

File transfer protocol = SFTP-3
Cryptographic protocol = SSH-2
SSH implementation = OpenSSH_8.4p1 Raspbian-5+b1
Encryption algorithm = AES-256 SDCTR (AES-NI accelerated)
Compression = No
------------------------------------------------------------
Server host key fingerprints
SHA-256 = ecdsa-sha2-nistp256 256 XXXXX
MD5 = ecdsa-sha2-nistp256 256 XXXXXX
------------------------------------------------------------
Can change permissions = Yes
Can change owner/group = Yes
Can execute arbitrary command = No
Can create symbolic/hard link = Yes/Yes
Can lookup user groups = No
Can duplicate remote files = No
Can check available space = Yes
Can calculate file checksum = No
Native text (ASCII) mode transfers = No
------------------------------------------------------------
Additional information
The server supports these SFTP extensions:
  posix-rename@openssh.com="1"
  statvfs@openssh.com="2"
  fstatvfs@openssh.com="2"
  hardlink@openssh.com="1"
  fsync@openssh.com="1"
  lsetstat@openssh.com="1"
------------------------------------------------------------
Total bytes on device = 28,0 GB (30.120.972.288 B)
Free bytes on device = 18,9 GB (20.339.683.328 B)
Total bytes for user = Unknown
Free bytes for user = 17,4 GB (18.786.222.080 B)
Bytes per allocation unit = 4,00 KB (4.096 B)

Looks like WinSCP has access to the SHA-256 key that Opus reports it doesn't know.

If you connect to the server using the current versions of PuTTY/Pageant and the same PPK file, does that work?

Hi Leo, yes it works fine. Just realized the Log from WinSCP was not the real debug log.

. 2022-03-21 16:04:50.546 Looking up host "XXXX" for SSH connection
. 2022-03-21 16:04:50.546 Connecting to XXXXX port 222
. 2022-03-21 16:04:50.573 Waiting for the server to continue with the initialization
. 2022-03-21 16:04:50.574 We claim version: SSH-2.0-WinSCP_release_5.19.6
. 2022-03-21 16:04:50.574 Detected network event
. 2022-03-21 16:04:50.661 Detected network event
. 2022-03-21 16:04:50.661 Waiting for the server to continue with the initialization
. 2022-03-21 16:04:50.661 Remote version: SSH-2.0-OpenSSH_8.4p1 Raspbian-5+b1
. 2022-03-21 16:04:50.661 Using SSH protocol version 2
. 2022-03-21 16:04:50.661 Have a known host key of type ecdsa-sha2-nistp256
. 2022-03-21 16:04:50.669 Detected network event
. 2022-03-21 16:04:50.669 Waiting for the server to continue with the initialization
. 2022-03-21 16:04:50.669 Doing ECDH key exchange with curve Curve25519 and hash SHA-256
. 2022-03-21 16:04:50.736 Detected network event
. 2022-03-21 16:04:50.736 Waiting for the server to continue with the initialization
. 2022-03-21 16:04:50.769 Server also has ssh-rsa host key, but we don't know it
. 2022-03-21 16:04:50.769 Host key fingerprint is:
. 2022-03-21 16:04:50.769 ecdsa-sha2-nistp256 256 XXXX  with fingerprints ecdsa-sha2-nistp256 256 XXXX
. 2022-03-21 16:04:50.825 Host key matches cached key
. 2022-03-21 16:04:50.826 Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] outbound encryption
. 2022-03-21 16:04:50.826 Initialised HMAC-SHA-256 outbound MAC algorithm
. 2022-03-21 16:04:50.826 Initialised AES-256 SDCTR (AES-NI accelerated) [aes256-ctr] inbound encryption
. 2022-03-21 16:04:50.826 Initialised HMAC-SHA-256 inbound MAC algorithm
. 2022-03-21 16:04:50.827 Detected network event
. 2022-03-21 16:04:50.827 Waiting for the server to continue with the initialization
. 2022-03-21 16:04:50.827 Reading key file "Identity.ppk"
. 2022-03-21 16:04:50.828 Prompt (username, "SSH login name", <no instructions>, "login as: ")
. 2022-03-21 16:04:53.526 Response: "XX"
. 2022-03-21 16:04:53.548 Detected network event
. 2022-03-21 16:04:53.548 Waiting for the server to continue with the initialization
. 2022-03-21 16:04:53.548 Server offered these authentication methods: publickey
. 2022-03-21 16:04:53.548 Offered public key
. 2022-03-21 16:04:53.558 Detected network event
. 2022-03-21 16:04:53.558 Waiting for the server to continue with the initialization
. 2022-03-21 16:04:53.558 Offer of public key accepted
! 2022-03-21 16:04:53.558 Authenticating with public key "XXX@XXX"
. 2022-03-21 16:04:53.578 Prompt (passphrase, "SSH key passphrase", <no instructions>, "Passphrase for key "XXX@XXXX": ")
. 2022-03-21 16:05:00.043 Sent public key signature
. 2022-03-21 16:05:00.126 Detected network event
. 2022-03-21 16:05:00.126 Waiting for the server to continue with the initialization
. 2022-03-21 16:05:00.126 Access granted
. 2022-03-21 16:05:00.126 Opening main session channel
. 2022-03-21 16:05:00.153 Detected network event
. 2022-03-21 16:05:00.153 Waiting for the server to continue with the initialization
. 2022-03-21 16:05:00.153 Remote debug message: /home/pi/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
. 2022-03-21 16:05:00.196 Detected network event
. 2022-03-21 16:05:00.196 Waiting for the server to continue with the initialization
. 2022-03-21 16:05:00.196 Remote debug message: /home/pi/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
. 2022-03-21 16:05:00.196 Opened main channel
. 2022-03-21 16:05:00.199 Detected network event
. 2022-03-21 16:05:00.199 Waiting for the server to continue with the initialization
. 2022-03-21 16:05:00.199 Started a shell/command`Preformatted text`

This is seriously strange, I have now set the path to the keyfile again and it's working. Sorry for confusion must have been something on my end.

1 Like